System and method for protecting against dictionary attacks on password-protected TPM keys

a dictionary attack and password-protected technology, applied in the field of system and method for protecting against dictionary attacks on password-protected tpm keys, can solve the problems of unable to keep backup copies of keys, keys are rendered useless, and keys must be regenerated
US20070014416A1Inactive Publication Date: 2007-01-18IBM CORP
3 Cites 68 Cited by

Patent Information

Authority / Receiving Office
US · United States
Patent Type
Applications(United States)
Current Assignee / Owner
IBM CORP
Publication Date
2007-01-18
Estimated Expiration
Not applicable · inactive patent

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

A computer system that may include a trusted platform module (TPM) along with a processor hashes a user-supplied password for a predetermined time period that is selected to render infeasible a dictionary attack on the password. The results of the hash are used to render an AES key, which is used to encrypt an RSA key. The encrypted RSA key along with the total number of hash cycles that were used is stored and the RSA key is provided to the TPM as a security key. In the event that the RSA key in the TPM must be recovered, the encrypted stored version is decrypted with an AES key that is generated based on the user inputting the same password and hashing the password for the stored number of cycles.
Need to check novelty before this filing date? Find Prior Art

Description

I. FIELD OF THE INVENTION

[0001] The present invention relates generally to securely storing backup encryption keys. II. BACKGROUND OF THE INVENTION

[0002] Computer users wishing to implement a security solution are constantly faced with the tradeoff between convenience and security, because more security generally means more difficulty in using a system. A solution based on a Trusted Platform Module (TPM), or security chip, must contend with this tradeoff.

[0003] In the case of a TPM, the most secure usage of keys generated for use with the TPM would involve generating the keys within the TPM chip, and not allowing the keys to migrate to other systems. While this offers security because the keys are useless to a hacker who might attempt to crack the keys for use on another system, it also requires that no backup copies of the keys can be kept. As understood herein, this has the inconvenient drawback that if the user's motherboard is replaced pursuant to, e.g., a hardware failure, t...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More